With more and more CIOs being asked to conduct asset risk assessments, a Virginia GRC firm has unveiled a point-and-click solution that won’t break the budget. “Our tools have been engineered to give CIOs full line of sight across the organization’s risk landscape and to help them identify steps they can take to mitigate risk in a familiar drag-and-drop interface,” explains Steve Crutchley, founder and CEO of C2C SmartCompliance (c2csmartcompliance.com). Crutchley’s firm offers a trio of easy-to-use web- or enterprise-based risk management and compliance solutions that can be tailored for implementation.

Depending on the specific needs of the organization, many CIO's will be more than satisfied with the firm’s My Risk Assessor™, product, which was designed specifically for conducting risk assessments and business Impact Assessments (BIA). This includes everything from the risks associated with products and services to personnel, hardware, software, and infrastructure — essentially any type of risk outside the traditional realm of finance. My Risk Assessor™ gives CIOs the capability to map a business impact analysis to a specific asset, owner, requirement or regulation.

“Since all assets are subject to threats and vulnerabilities, our products come preloaded with capabilities to detect and prioritize series of possible threats, vulnerabilities, and mitigating controls,” according to Crutchley, whose firm has more than 25 years of Governance, Risk and Compliance auditing and consulting experience.

In addition to the asset risk functionality, compliance Assessment Professional™ and Compliance Mapper™ are much more encompassing solutions that automate the tedious task of regulatory compliance by mapping the relationships among requirements and identifying the most critical ones.

As new requirements are added and removed, CIO scan see any potential changes that will be needed to the organization’s overall policies, procedures and workflow — before they are implemented, giving the organization time to make necessary adjustments. C2C SmartCompliance’s clientele includes both large and medium-sized companies in the banking, financial, healthcare, power, manufacturing, and technology industries. “We have been able to give all of our customers’ detailed insight into subtle changes in their systems that they might not have otherwise noticed without our interactive solutions,” Crutchley says.

The company is constantly growing and has amassed a track record of producing good results for its clients over the years. In addition to the firm’s innovative compliance technology, C2C SmartCompliance is also emerging as a content provider with a library of more than 2,000 regulations, standards, and best practices. “Unlike other content providers operating in the GRC space, we can provide added value with mappings that highlight hidden relationships,” concludes Crutchley.